Add token based authentication to Activiti

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: Explorer, Rest
Labels:
- authentication
- security

Number of attachments :
0

Description

At the moment the only way to sign into the Explorer is via username/password authentication,
we suggest adding a token based authentication to that.
The basic idea is that a you can generate login tokens using the IdentityService, these can
be used e.g., to generate notification E-Mails with a direct login url, or that another
application can request such a token via the REST interface so that the user does not
have to authenticate again.

Of course certain security measures need to be implemented e.g., limited lifetime/uses of a token.

We are willing to provide the implementation if it will be included into Activiti.

Any comments?

Activity

No work has yet been logged on this issue.

People

Assignee:

Tijs Rademakers

Reporter:

Leonard Br�nings

Vote (0)

Watch (3)

Dates

Created:

19/Mar/12 9:44 AM

Updated:

20/Sep/12 8:27 AM

Resolved:

20/Sep/12 8:27 AM